Skip to content

Markster, Inc.
Privacy Policy

Last updated: 2 November 2025
Who we are: Markster, Inc. (Delaware, USA) and its EU affiliate Markster UAB (Lithuania) (together, “Markster”, “we”, “us”, “our”).
Contact: privacy@markster.ai | DPO: dpo@markster.ai
Scope: This Policy describes how we collect, use, disclose, and protect information when you visit our sites, use our platform and AI workers, purchase services or programs, or interact with us.

Role clarity:

  • For Customer Account Data (billing, seats, usage telemetry, support) and Marketing Data (site analytics, events), Markster is a Controller (or “Business”).

  • For Customer Personal Data you upload or connect to run campaigns (e.g., leads/prospects), Markster acts as a Processor (or “Service Provider”) under your instructions and our Data Processing Addendum (DPA).

1) Information We Collect

A. Information you provide (account/contract)

Name, company, role, email, phone, billing details, shipping (if any), authentication data, support requests, feedback, program/community registrations, surveys, and preferences.

B. Customer Content & Lead Data (processor)

Data you upload or connect for campaign execution (e.g., names, emails, role, company, CRM records, sequences, templates, meeting data, replies). You are responsible for having a lawful basis and providing any required notices/consents.

C. Email/calendar access promise (scope-limited)

When you connect mail/calendar, we retrieve only what’s required to operate the system (send, track, process replies, book meetings). We store only messages sent through Markster and corresponding replies routed via the system. We do not ingest or store unrelated mailbox content.

D. Usage, device, and diagnostic data

Log and telemetry (pages viewed, features used, timestamps, IP, device/browser, language, performance metrics, crash/error diagnostics). We may collect configuration and integration metadata to support and secure the service.

E. Cookies and similar tech

Cookies, SDKs, and beacons for authentication, preferences, analytics, fraud prevention, and performance. See “Cookies” below.

F. Third-party sources

If permitted by you or law: CRM/marketing systems, enrichment providers, payment processors, event platforms, or public business sources (e.g., corporate websites, LinkedIn-public data).

2) How We Use Information

A. As Controller (Customer Account/Marketing Data)

  • Provide, maintain, secure, and improve the services

  • Billing, account administration, seat management

  • Customer support and incident response

  • Service announcements and product updates

  • Security monitoring, fraud and abuse prevention

  • Analytics to improve quality and performance

  • Marketing and events (you can opt out anytime)

B. As Processor (Lead/Prospect Data)

  • Execute your instructions (send sequences, track engagement, route replies, book meetings, generate drafts via AI)

  • Maintain suppression, preferences, and compliance workflows

  • Provide dashboards and reporting you request

  • Process only for the duration and scope defined by your contract/DPA

C. AI/automation transparency

We may use aggregated and/or de-identified prompts, telemetry, and usage patterns to operate, safeguard, and improve the platform (e.g., quality, abuse detection, performance). We do not use your Customer Personal Data to train public models in a way that identifies you or your end users. Any stricter limits in an executed DPA control.

D. Legal bases (EEA/UK)

For Controller data, we rely on one or more of: contract performance, legitimate interests (to run, secure, improve our services and market to business users), consent (where required), and legal obligation.

3) How We Share Information

We do not sell personal data. We share:

  • Service providers/subprocessors (cloud hosting, email/sms/voice delivery, enrichment, analytics, support tooling, payment processing) under contract, limited to necessary purposes.

  • Integrations you enable (CRMs, calendars, mail, dialers, data providers)—sharing occurs as you configure.

  • Corporate transactions (merger, acquisition, financing, asset sale) subject to ongoing protections.

  • Legal/compliance (protect rights, safety, security; respond to lawful requests).

  • Aggregated/de-identified insights (never to re-identify).

We maintain a list of material subprocessors upon request and notify of material changes as described in the DPA.

4) Cookies & Similar Technologies

We use strictly necessary cookies (authentication, session), functional cookies (settings), and analytics/performance cookies. Where required by law, we present a consent banner and honor your choices. You can adjust cookie settings in your browser and in our banner. Blocking some cookies may limit features.

5) International Transfers

We operate globally. Data may be processed in the U.S., EU, UK, and other locations where we or our providers operate. For EEA/UK/Swiss data transferred to the U.S. or other third countries, we rely on Standard Contractual Clauses (SCCs) (and UK/CH addenda) or other lawful mechanisms, plus technical and organizational measures.

6) Security

We employ administrative, technical, and physical safeguards appropriate to the nature of the data and our services, including encryption in transit, access controls, logging/monitoring, vulnerability management, and secure development practices. No method is 100% secure; we encourage strong passwords, MFA, and role-based access on your side.

If we confirm a security incident affecting personal data, we will notify without undue delay and provide information reasonably available to help you meet legal obligations.

7) Data Retention

  • Controller data (account, billing, support): kept for the term of your account and as needed for legal/accounting/compliance.

  • Processor data (leads/prospects): retained for the subscription term and then deleted or returned/anonymized per your instructions, the DPA, or within a commercially reasonable period after termination.

  • Program/community recordings: retained as described at sign-up or until you request removal where feasible.

We may retain limited logs/backups for a short period (with restricted access) for security and continuity.

8) Your Privacy Rights

Your rights depend on your location and role.

  • As a Customer/end user (Controller data): access, rectification, erasure, restriction, objection, and portability where applicable; opt-out of marketing at any time (unsubscribe link or email privacy@markster.ai).

  • As a data subject within Customer datasets (Processor data): we act on your Customer’s instructions. Please contact the Customer (data Controller). If you contact us directly, we will notify and support the Customer to respond, consistent with law and our DPA.

  • U.S. state privacy laws (e.g., CCPA/CPRA): you may have rights to know/access, correct, delete, and opt-out of “sale”/“sharing” (we do not sell personal information). Submit requests to privacy@markster.ai. We will not discriminate for exercising rights.

We may verify your identity and request additional information to process requests. Authorized agents must present proof of authority and, where required, consumer verification.

9) Email/Comms Preferences

Transactional communications (security, billing, service updates) are necessary for service and may not be unsubscribed. You can opt out of marketing emails any time via the link in the email or by contacting us. For outreach you run through Markster, you are responsible for honoring prospect preferences and applicable laws.

10) Google API Services Disclosure

Markster’s use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements. We access only the scopes you approve, use them to provide the requested features (e.g., send/read campaign emails, manage calendars for booking), and do not use Google data for advertising.

11) Children

Our services are for business users. We do not knowingly collect personal data from children under 16 (or as defined by local law). If you believe a child has provided personal data, contact us and we will take appropriate steps.

12) Changes to This Policy

We may update this Policy from time to time. If we make material changes, we will notify you (e.g., in-app, email, or site notice). The “Last updated” date reflects the latest revision. Continued use after changes means you accept the updated Policy.

13) How to Contact Us

  • General privacy inquiries / rights requests: privacy@markster.ai

  • Data Protection Officer (EU/UK): dpo@markster.ai

  • Postal: Markster, Inc., Attn: Privacy, 651 N. Broad St., Suite 206, Middletown, DE 19709, USA

  • EU representative (if applicable): [Insert EU rep name, address, email]

14) Region-Specific Notices (Addenda)

EEA/UK Addendum

  • Controller legal bases: contract, legitimate interests, consent (where required), legal obligation.

  • Transfers: SCCs + UK Addendum/IDTA as applicable; you may request copies (with commercially sensitive terms redacted).

  • DPA: Our DPA is incorporated by reference for Customers processing personal data through the platform.

California Addendum (CCPA/CPRA)

  • We act as a Service Provider for Processor data and a Business for Controller data.

  • We do not “sell” or “share” personal information as defined by CPRA.

  • Sensitive personal information (if any) is used only for permitted purposes.

  • You have the rights described in Section 8; submit requests to privacy@markster.ai.

Short Email/Integration Summary (non-contractual)

  • We pull only what’s necessary to send, track, and process replies and to book meetings.

  • We store only campaign emails and replies routed via the system; no unrelated mailbox content is stored.

  • Disconnecting the integration stops further access; existing campaign messages remain per retention settings and DPA.

References:

  1. Privacy Policy (this page)
  2. Data Processing Addendum
  3. Subprocessor List
  4. Cookie Preferences